Malware ‘Willysy’ On A Rampage, Infects 6 Million+ Web Pages

The web has been engulfed with a new wave of malware attack that has managed to infect more than 6 million e-commerce web pages in two just weeks.

According security company Armorize, the ‘Willysy’ malware, which was discovered last month, spread to infect millions of web pages belonging to e-commerce websites. Interestingly, the malware exploits vulnerabilities that were patched last Autumn.

The malware exploits vulnerabilities in osCommerce an open source e-commerce platform. However, the bugs being exploited by the malware had been fixed in version 2.3 of the platform. osCommerce has more than 250,000 small and medium sized customers.

Armorize had reported in July that the malware had infected 90,000 osCommerce web pages, however, as of August 3, the malware had spread to infected more than 6.3 million web pages.

The company has already traced the origin of the attack to eight IP address in Ukraine. The hackers use an invisible frame known as iFrame on the web pages and inject them with malicious code. The attack exploits vulnerabilities in Java, Adobe Reader, Windows Help Centre and Internet Explorer. These vulnerabilities are known and have also been patched.

Businesses need to be quick about patching known vulnerabilities in the off-the-shelf software that they use. The lack of swift action is perhaps the root of the problem.